Latitude Subrogation Services, LLC’s (LSS) Service Organization Control (SOC) Report is an independent third-party examination report that demonstrates how LSS maintains effective controls over its claim subrogation services system for processing transactions (system) of entities that use LSS’s services (user entities) to provide reasonable assurance that:
- the description fairly presents the claim subrogation services system made available to user entities of the system during some or all of the period November 1, 2019 to October 31, 2020 for processing their transactions as it relates to controls that are likely to be relevant to user entities’ internal control. The criteria we used in making this assertion were that the description:
- presents how the claim subrogation services system made available to user entities of the system was designed and implemented to process relevant user entity transactions, including, if applicable:
-
- the types of services provided including, as appropriate, the classes of transactions processed.
- the components of the system used to provide the services, which are the following:
- Infrastructure. The physical structures, IT, and other hardware (for example, facilities, computers, equipment, mobile devices, and telecommunications networks).
- Software. The applicable programs and IT system software that support applicable programs (operating systems, middleware, and utilities).
- People. The personnel involved in the governance, operation, and use of a system (developers, operators, entity users, vendor personnel, and managers).
- Procedures. The automated and manual procedures.
- Data. Transaction streams, files, databases, tables, and output used or processed by a system.
- the procedures, within both automated and manual systems, by which those services are provided, including, as appropriate, procedures by which transactions are initiated, authorized, recorded, processed, corrected as necessary, and transferred to the reports and other information prepared for user entities of the system.
- the information used in the performance of the procedures, including, if applicable, related accounting records, whether electronic or manual, and supporting information involved in initializing, authorizing, recording, processing, and reporting transactions; this includes the correction of incorrect information and how information is transferred to the reports and other information prepared for user entities.
- how the system captures and addresses significant events and conditions, other than transactions.
- the process used to prepare reports and other information for user entities.
- services performed by a subservice organization, if any, including whether the inclusive method or the carve-out method has been used in relation to them.
- the specified control objectives/criteria and controls designed to achieve those objectives/criteria, including as applicable, complementary subservice organization and complementary user entity controls assumed in the design of LSS’s controls.
- other aspects of our control environment, risk assessment process, information and communication (including the related business processes), control activities, and monitoring activities that are relevant to the services provided.
- includes relevant details of changes to the system during the period covered by the description.
- does not omit or distort information relevant to the system, while acknowledging that the description is prepared to meet the common needs of a broad range of user entities of the system and their independent
auditors, and may not, therefore, include every aspect of the system that each individual user entity of the system and its auditor may consider important in its own particular environment.
- the controls related to the control objective/criteria stated in the examination were suitably designed and operated effectively throughout the period November 1, 2019 to October 31, 2020 to achieve the stated control objectives and to provide reasonable assurance that LSS’s service commitments and system requirements were achieved based on the applicable trust services criteria if the complementary subservice organization and user entity controls assumed in the design of LSS’s controls operated effectively throughout the period November 1, 2019 to October 31, 2020. The criteria we used in making this assertion were that
- the risks that threaten the achievement of the control objectives/criteria stated in the description have been identified by LSS management;
- the controls identified in the description would, if operating effectively, provide reasonable assurance that those risks would not prevent the control objectives/criteria stated in the description from being achieved; and
- the controls were consistently applied as designed, including whether manual controls were applied by individuals who have the appropriate competence and authority.
LSS has completed a SOC 1 Type II examination and a SOC 2 Type II examination.
A SOC 1 Type II report is specifically intended to meet the common needs of a broad range user entities of LSS’s claim subrogation services system during some or all of the period November 1, 2019 to October 31, 2020 and the independent auditors who audit and report on such user entities’ financial statements or internal control over financial reporting and have sufficient understanding to consider it, along with other information including information about controls implemented by user entities themselves, when assessing the risks of material misstatements of user entities’ financial statements.
A SOC 2 Type II report is specifically intended to meet the common needs of a broad range of user entities of LSS’s Claims Subrogation Services System during some or all of the period November 1, 2019 to October 31, 2020, and prospective user entities, independent auditors, practitioners providing services to such user entities, and regulators who have sufficient knowledge and understanding of the following;
- The nature of the service provided by LSS
- How LSS’s system interacts with user entities, business partners, subservice organizations, and other parties
- Internal control and its limitations
- Complementary subservice organization and user entity controls and how those controls interact with related controls at LSS to achieve LSS’s service commitments and system requirements
- User entity responsibilities and how they may affect the user entity’s ability to effectively use LSS’s services
- The applicable trust services criteria
- The risks that may threaten the achievement of the applicable trust services criteria and how controls address those risks
The SOC examinations include information and our independent third-party CPA’s opinion about the description of the system, the suitability of the design and operating effectiveness of controls during the period November 1, 2019 to October 31, 2020..
6785 Telegraph Road, Suite 400
Bloomfield Hills, MI 48301
(877) 454-3400